Also  inside:  Cut  Better  Deals  With  SAP  I  Keep  the  Board  in  the  Loop 
Cybercriminals  Never  Sleep 

l»lfiniRWailD 

Peer  Perspective.  IT  Leadership.  Business  Results,  i  computcrwobld.coii  i  novemier  zi,  zou 


w  aoaav  nnv 

866  X08  Od 
w  DNi'oNiHsnandVN 
9-80SI 

. . . 

eeo  iz  too  oooo  #o/ao/ee6C62T# 
uraaxa# 


prob^ 

Are  older  workers  facing 
tough  times  in  high  tech? 

Or  are  they  simply  not  pulling 
their  weight  in  an  industry 
that  never  stops  innovating? 


VERISIGN 


IS  YOUR  BUSINESS  CONNECTED  BETWEEN  THE  DOTS? 

If  your  Domain  Name  System  (DNS)  isn't  accurate  and  available, 
your  network  experiences  gridlock,  and  if  your  customers 
experience  any  delay,  they'll  steer  clear  of  your  site.  With 


COMPUTERWORLD 


THIS  ISSUE  I  11.21.2011  [ 


ib.  #(  HI 


IT’S  Problem 


FOR  BREAKING  NEWS.  VISIT  COMPUTERWORLD.COM 


HeadsUp 


1 


Better  Windows 
Support  Due  on 
IBM  Mainframes 


Consumers  Face  Hard  Drive  Price  Hikes 


Floods  IN  THAIUND  are  wreaking 
havoc  on  manuiacturera  of  hard 
diskdrives. 

While  HDD  vendors  are  expected 
to  keep  computer  makers  —  their  larg^ 
customers  —  supplied  with  inventory,  the 
consumer  retail  market  is  lifiely  to  he  hit  hy 
shortages  and  price  increases,  analysts  said. 

Two  research  firms,  IHS  tSiqipli  artd  IDC, 
have  predicted  that  the  overall  shortage  due 
to  the  floodirrg  will  reach  25%  to  28%  over 
the  next  six  months. 

Western  DtgttaL  the  largest  hard  drive 
producer,  will  likely  he  hurt  the  most:  IDC 
predicted  that  up  to  75%  of  its  production  lines 
will  he  temporal  shut  dowrr.  Western  Digital 
and  Toshiba  have  already  aruiourtced  tempo¬ 
rary  shutrkrwns  of  their  Thailarrd  hetories. 

For  its  part,  iSuppli  said  fourth-quarter 


the  third  quarter. 

Consumers  shoirld  expect  firurth-quarter 
prices  to  be  at  least  30%  higher  than  third- 
quarter  prices. 

“You’U  start  to  see  PC  makers  increase 
juices  firr  some  products,”  said  John 
Rydnirrg,  an  IDC  arralyst.  “So,  irr- 
directly,  consurtters  will  face  some  Hj 
higher  prices  because  of  hig^ 

HDD  juices.” 

Pricesonretailsiteshavealreadyrisen- 
and  in  some  cases  even  douUed. 

AnalystsjnedictedthattheHDDcom- 
jxment  in  shortest  sujrply  will  be  the  slider; 
it’s  the  block  onto  which  the  record  artd 
jrlayback  mecbarrism  is  mounted. 


staying  connected  from 
anywhere  just  got  a  lot  easier, 


Now  you  can  access  enterprise  wide  presence  no  matter 
where  you  are  or  what  mobile  device  you  use. 


AVAyA 


Thf  report,  from  the  Office  of  the 
National  Coumerintelligence  Eiecu- 


Social  Media  Success  Is  Still  Elusive 


IT’S  CLEAR  that  companies  are  using 

social  networks  to  connect  with  custoin- 
ers.  Less  clear,  though,  is  wliat  snccess 
means  in  this  new  media  and  how  busi- 
nesH's  can  achieve  it. 

That  was  a  hot  topic  at  the  recent  Seattle 
Interactive  Conference. 

"We  haven't  seen  a  lot  of  R'  in  the  ROI." 
said  David  Camp,  head  of  marketing  for 
AmazonWireless,  Amazon's  site  for  sales  f)f 
cellphones  and  service  plans.  He  was  referring 
specifically  to  financial  returns. 

But  Kim  Johnston,  vice  president  t)f  market¬ 
ing  at  Parallels,  said  she  sees  gcKxl  returns 
—  although  not  necessarily  the  type  Camp 
was  referencing.  The  R.”  she  said,  “could  be 
in.sigJir,  not  just  money.  '  Parallels  —  which 
makes  virtualization  software  lor  Macintoshes 
—  learns  a  lot  from  customers  via  Facebook 
and  Twitter,  she  added. 

Tapping  into  customer  feedback  streams 
can  be  tricky,  said  speakers  and  other  at¬ 
tendees.  T-Mobile  nwmitors  social  networks  to 


gather  insights  that  can  benefit  product  devel¬ 
opment,  said  Alex  SamaiKJ.  general  manager 
for  Bobsled,  a  T  Mobile  voice-over  lP  product. 

But  "you  have  to  be  cautit)us  of  what  yrw’re 
Iwaring,  "  he  saki,  since  not  everyone  who 
posts  on  Facebook  is  necessaril)  representa¬ 
tive  of  other  customers. 

Still,  stKial-mcdia-based  interactions  with 
customers  can  be  useful.  Ten  years  ago.  it  was 
common  to  pay  $150,000  to  get  a  focus  group 
of  customers  together.  "You  don't  have  to  do 
that  anymore."  Samano  said. 

The  rate  at  which  sticial  media  followers 
turn  into  paying  customers  varies.  Amazon- 
Wireless,  for  instance,  hasn’t  found  scxrial 
m*tw(irking  ttKjls  to  be  particularly  efficient  at 
converting  traffic  into  sales.  Camp  said. 

le,  however,  has  had  great  sueex'ss 
le  products.  The  company  launchetl 
htially  f<>r  Faceb(K>k  ust‘rs  and,  owing 
to  its  media-launch  strategy,  began  signing  up 
users  at  a  rate  of  3,000  per  h<jur,  Samano  sakl. 

-  Nuncy  Coliritig,  //XT  Nnw  Scrviir  ■ 


tions  for  bow  organizations  can 
strengthen  their  defenses. 

-Chinese  actors  are  the  world's 
most  active  and  persistent  perpe¬ 
trators  of  economic  espionage."  the 
report  said.  “Russia's  intelligence 
services  are  conducting  a  range  of 
activities  to  collect  information  and 
technology  from  U.5.  targets." 

Sensitive  information  on  smart¬ 
phones  and  laptops  attractive 
target  for  cyberspies.  The  report 
says  encfvption.  multifactor  au¬ 
thentication  and  real-time  network 
monitoring  may  help  keep  data  safe. 

The  report  cited  the  case  of  Dong- 
fan  Chung,  an  engineer  with  Rock¬ 
well  and  Boeing  who  worked  on  the 
B-I  bomber  and  was  found  to  have 
^SO.OOO  documents  m  his  house. 

"Cyberspace  makes  twssible  the 

enormous  quantiltes  of  informa¬ 
tion."  the  reiwrt  said. 


6  COHPUTERWORLD 


i 


Social  Media  Success  Is  Still  Elusive 


I  rs  CLEM  that  companies  an 
sodalnetwo  ' 
ers.  Less  clear,  though,  is  what  success 
means  in  this  new  media  and  how  busi¬ 
nesses  can  achieve  it. 

That  was  a  hot  toi^  at  the  recent  Seattle 
Inteiactive  Conference. 

"We  haven’t  seen  a  lot  of  'R'  in  the  ROl,” 
said  David  Camp,  bead  of  maifceting  for 
AmazonWireless,  Amazon's  site  for  sales  of 
ceUphones  and  service  plans.  Hewas  referrii^ 
specifically  to  financial  returns. 

But  Kim  Johnston,  vice  president  of  market¬ 
ing  at  Parallels,  said  she  sees  good  returns 
—  although  not  necessarily  the  type  Camp 
was  referencing.  The  R,"  she  said,  “could  be 
ins^,  not  just  money."  Parallels  —  which 
makes  virtualization  software  for  Macintoshes 
—  learns  a  lot  fixxn  customers  via  Facebook 
and  IVvitter,  she  added. 


gather  insights  that  can  benefit  product  devel¬ 
opment,  said  Alex  Samano,  general  manager 
for  Bobsled,  a  T-Mobile  voice-over-lP  product. 
But  “you  have  to  be  cautious  of  what  you’re 
heatit^”  he  said,  since  not  everyone  who 
posts  on  Facebook  is  necessarily  representa¬ 
tive  of  other  customers. 

sail,  sodal-media-based  interacaons  with 
customers  can  be  useful.  Ten  years  ago,  it  was 
common  to  pay  $tso,ooo  to  get  a  fircus  group 
of  customers  together.  Tou  don’t  have  to  do 
that  anymore,"  Sarrratto  said. 

The  rate  at  which  social  media  foDowets 


rretwirtkittg  tools  to  be  particrrlatly  efBderrt  at 
converting  traffic  irrto  sales.  Camp  said. 

T-Mobile,  however,  has  had  great  success 
—  for  some  pttrducts.  The  comparry  launched 
Bobsled  irridally  for  Facebook  usi 


tions  for  how  organizations  can 
strengthen  their  defenses. 

“Chinese  actors  arc  the  world’s 
most  active  and  persistent  perpe¬ 
trators  of  economic  espionage.'  the 
report  said.  “Russia’s  intelligence 
services  are  conducting  a  range  of 
activities  to  collett  information  and 
technology  from  U.S.  targets.' 

Sensitive  information  on  smart¬ 
phones  and  laptops  is  an  attractive 
target  for  cyberspies.  The  report 
says  encryption,  multifactor  au¬ 
thentication  and  real-time  network 
monitoring  may  help  keep  data  safe. 

The  report  cited  the  case  of  Dong- 
fan  Chung,  an  engineer  with  Rock¬ 
well  and  Boeing  who  worked  on  the 
B-l  bomber  and  was  found  to  have 
250,000  documents  in  his  house. 

“Cyberspace  makes  possible  the 


The  Samsung  SSD  830  Series:  your  PC  transformed 


NEWS  ANALYSIS 


Hadoop  Is  Ready  for  the 
Enterprise,  IT  Execs  Say 

Big  companies  aie  using  Hadoop  systems  in  big  projects,  despite 
concerns  about  issues  such  as  security.  By  Jaikumar  Vijayan 


stored  before,"  he  said. 

The  data  is  aggregated  into  a 
comitxm  platform  for  use  in  a  range 
of  customer-focused  daa  mining  and 
data  analytics  tods,  Feinsmith  said. 

Meanwhile,  eBay  is  using  Hadoop 
technology  and  the  Hbase  database, 
which  suppofts  real-time  analysis  of 
Hadoop  d^  to  build  a  new  search 
engine  for  its  auction  site. 

Hugh  Williams,  vice  president 
of  ettperienoe,  search  arid  plat¬ 
forms  at  eBay,  said  the  new  engine, 
code-named  Cassini,  will  replace 
technology  the  company  has  used 
since  the  early  aooos.  The  update 
is  needed  in  part  to  handle  surging 
volumes  data. 

He  noted  that  eBay  has  more 
than  97  million  active  buyers  and 

sellers  and  over  200  million  items 

fix' sale  in  50,000  categories.  The 

site  handles  dose  to  2  billion  page 

views,  250  million  search  queries 
asKl  tens  of  billions  of  database  calls 
daily,  he  added. 

The  company  has  9  petabytes 
of  data  stor^  on  Hadcop  and 
Teradata  dusters,  and  the  amount 
is  growing  quickly,  he  said. 

WilliamssaidaboutiooeBayen- 
gineeis  are  working  (XI  the  Cassini 
pn^ect,  making  it  one  of  the  com¬ 
pany’s  largest  development  efforts. 

The  new  engine,  slated  to  go  live 
next  year,  is  expected  to  respond  to 


D  security  and  other  issues,  Hadoop  is  ready  for  enter¬ 
prise  use,  accotditjg  to  rr  executives  at  the  Hadoop 
World  conference  in  New  York  earlier  this  month. 
Larry  Feinsmith,  managing  director  of  IT  at 
JPMocgan  Chase,  told  a ' 


and  data  analysis  framework  for  almost  three  years. 

JPMorgan  Chase  still  relies  heavily  on  relational  database 
systems  for  transaction  processing,  to  it  uses  Hadoop  technol- 

IT  risk  management  and  self  service,  Feinsmith  said. 

With  over  150  petabytes  of  data  stored 
online,  50,000  databases  and  3.5  billion 
logfos  to  user  accounts,  data  is  the  life¬ 
blood  of  JFMotgan  Chase,  Feinsmith  said. 

Hadoop’s  ability  to  store  vast  volumes 
of  unstructured  data  allows  the  company 
to  collect  and  store  Web  logs,  transac¬ 
tion  data  and  scxtal  media  data.  “Hackxjp 
allows  us  to  store  data  that  we  never 


context-based  and  mote  accurate 
than  those  provided  by  the  current  system,  he  sakL 

be  aware  of  pcxential  security  issues.  And  he  explained  that  ag¬ 
gregating  arid  storing  data  from  multiple  sources  can  create  a  slew 


Feinsmith  also  listed  other  potential  Hadoop  drawbacks  that 
users  should  be  aware  of  before  embarking  cm  big  projects. 

For  instance,  he  said  the  Hadoop  marketplace  is  “very  confus¬ 
ing,"  featuring  an  oft-changing  slate  of  vendors,  products  and 
standards.  In  additicm,  skilled  Hadoop  engineers  are  scarce. 

And  Williams  noted  that  related  technologies,  such  as  Hbase, 


Hadoop  allows  us 
to  store  data 


raises  questions  about  system  stability. 

But  Hadoop  has  plenty  of  potential. 
Feinsmith  said  that  IT  workers  at  JPMor¬ 
gan  Chase  ate  debating  whether  rela¬ 
tional  database  technologies  will  evolve  to 
meet  the  bank’s  emerging  big  data  needs, 
or  if  Hafdoop-based  systems  will  become 


II'" 


How  to  Cut  Better 
Deals  With  SAP 

Analysts  and  users  offer  tips  on  how  to  get 
the  best  contract  terms  from  SAP  as  the  year 
draws  to  a  close.  By  Chris  Kanaracus 


6.  Don’t  US«  0»*  I  word  IlfhOy.  Threats  to  leave  SAP 
only  work  if  you're  serious.  “To  get  out  of  a  contract, 
you  need  to  be  rearly  to  leave,”  Wang  said. 

7. C0MMwbwainln|Miw1yad0DMrtotihiadvn- 
tafi  of  discounts  -  but  be  inry<  SAP  has  been  rolling 
out  many  new  products  recently,  and  sales  reps  are 
no  doubt  pushing  those  ofierings  hard,  hoping  to  get 
customers  with  stable  core  ERP  systems  to  open  their 
wallets.  But  you  should  be  aware  that  heavy  discounts 
o&red  by  an  eager  salesman  mi^  be  o&m  by  hefty 


.  ■■Umbonrt'to  boertlePrisHtb  SAP.  A  strong 

leljtiomhip  involves  more  communication  than  yearly 
contract  talks.  You  should  line  up  “strategic  alignment”  meetings 
that  include  top  executives  to  “h^  clarify  stakelxdders’ opinions 
of  SAP”  and  “enhance  SAFs  opinian  of  you  as  a  potential  enaUer 
rather  than  merely  a  negotiation  adversary,”  Jones  said. 

9.  Get  rtady  for  iwxt  ytor.  According  to  Jones,  it's  important  to 
get  a  real  handle  on  bow  crucial  SAP  is  to  your  business  overall 
before  starting  negotiations.  • 


10  COMPUTCIWOOLD  NOVEMBER  21.  2011 


■  rsCMNCN  TIME  for  many  SAP  customers  looking  to 
hammer  out  new  software  deals  and  contract  renewal 
before  the  end  of  the  year. 

Experts  acknowledge  that  it  migjit  be  difficult  to 
.  persi^  SAP  to  budge  on  certain  things,  such  as  an 


Kanaracus  is  a  reporter^  die  IDG  News  Service. 


Today.  97%  of  the  Fortune  Global  500  rely  on  VMware,'  the  global  leader  in  virtualization 
and  cloud  infrastructure.  With  VMware,  you  can  leverage  your  existing  IT  investments  as 
you  transition  to  a  secure,  managed  and  controlled  cloud  solution.  Because  it’s  not  about 

getting  to  the  cloud.  It’s  about  getting  to  your  cloud.  vmware' 

The  power  behind  your  cloud. 


Visit 


i.com/whiteboard 


Joe 

Spi^oletti 


This  CIO  achieves 
business  goals  while 
deftly  balancing  his 
work  and  home  lives. 


FamUy:  Married  for  23  year^, 
with  a  19-year-old  son  and 
a  14-year-okl  daughter. 

What  art  your  Interests 
owtsMe  of  work?  Extreme  sports 
-  snowboarding,  surfing  and 
mountain-biking. 

What  person  do  you  most  admira? 

My  dad.  He  was  a  teacher,  he  raised 
six  kids,  and  every  one  of  us  is 
suaessfui.  There  are  many  pearls  of 
wisdom  he  shared.  One  I  remember 
is: ‘Don’t  ever  tell  anyone  how  good 
you  ate.  If  you’re  that  good,  they’ll  tell 
you  -  and  then  don’t  believe  them." 

What  futuristic  tcdinology 
do  you  hope  becomes  a  reality? 

It  would  be  so  great  if  the  technology 
in  cars  could  prevent  accidents 
and  stabilize  traffic  patterns. 


12 


CAMPBELL  SOUP  senior  vice  president  and  CIO  ]oe  Spognoletti  is  all  business. 

He  tolfes  about  business  Directives  and  transformation,  ond  he  looks  at  technology 
as  a  way  to  achieve  those  goals.  It’s  an  outlo^  that  helped  earn  him  the  Fax  IT 
Leader  Award  from  Temple  University's  Fax  School  0/ Business  and  Management 
earlier  this  year.  Spognoletti,  who  has  been  with  Campbell’s  IT  operation  since  1997  and  hos 
been  QO  since  2008,  says  business  transformation  is  hoppenirig  rapid|y  and  it’s  pushing  FT 
to  change  quickly,  too.  Here  he  shores  some  of  his  other  ideas  about  technology  ond  its  role 
in  today’s  business  world. 

whmi  you  apeak  puWklv  alMMit  IT,  you  say  vary  littta  aboMt  tteh«olo«Y.  If  you  had  to 
glue  a  short  description  of  the  ao’s  Job  today,  what  would  you  say?  In  our  conqsany, 
there  are  just  a  few  m^r  premises.  One  is  we  have  to  help  the  company  grow.  Second, 
we  have  to  help  the  company  operate  as  efiSciently  as  possible.  We  need  to  be  a  critical 
Continued  on  page  14 


Worid’sNo.1 

Antivirus  and  Internet  Security 


ESET  leads  the  industry  in 
the  consecutive  number  of 
"VBIOO”  awards  from  Virus 
Bulletin  testing  organization. 


1  year  FREE 

Buy  two  years,  get  the  third  free 


4. 


U  I  spend  more 

than  50%  of  my 
time  working 
with  people. 

clarifying  objectives, 
mentoring  and  coaching 
and  making  sure  we  have 
the  right  people. 


that  technology  is 
the  end-all,  be-aU.Ifs 
hdping  the  company, 
and  you  can  do  that 
by  having  insight  into 
ho^  woik  is  done 
andshaf^howit 
can  be  done  better 
technically. 


bunts  as  aO?  1  think 
first  and  foremost  are 
the  people  —  helping 
develop  the  best 
possible  capaUlities 

people  and  with 
people.  I  spend  more 
than  50%  of  my  time 
working  with  peo(^, 
clarifying  objec- 

coaching  and  making 


ipl6.  out  front,  understand¬ 

ing  our  business  and 
looking  for  ways 
where  our  competen¬ 
cies  and  technology 
can  help  the  company  grow.  1  spend  very  little  of  my 
time  with  gadgetry  and  focusing  on  the  bits  and  bytes. 

What  an  tbt  MflbSft  dnlti«ts  ytt  fact?  It’s  a 
balance  of  dc^  the  right  thing  ai>d  doing  it  at  the 
right  speed  and  constantly  beii^  connected  to  the 
agenda  of  the  company  a^  shaping  the  work  that 
we  need  to  do,  hopefully  exceeding  expectations  fiir 
what  people  want  and  when  they  want  it,  but  also  to 
help  realikically  set  expectations. 

We  have  technology  from  the  farmer  to  the  shelf 

body's  narrow  view  is  the  most  important,  and  some 
days  you  could  spend  your  day  debating  whether  you 
needaportalforcommurucationmopticaltecluwl- 
ogy  on  a  harvester  and  what's  going  to  drive  more 
value  to  the  company.  People's  expectations  ate 
rising,  resources  are  limited  and  talancing  that  is  an 


between  them.  So  when  you’re  tryir^  to  decide, 
you  ask  how  it  fits  with  our  enabling  strategies  and, 
second,  how  [it  creates  value]  economically  and 
foundationally.  And  then  you  look  at  the  short- and 
long-term  implicatioos  of  that. 

H«w  do  you  ennirt  that  IT  li  raady  to  deHvtr  whafs 
■MOdad  whoa  tiM  pace  of  binliieis  traMfbrmatlon  Is 
so  fast?  It’s  alignment,  in  the  way  we  structure  IT,  in 
the  business  engagement  teams  that  we  have.  They're 
smaller,  but  they’re  mote  senior.  They  live  with  their 
business  partners,  and  they  do  strategic  planning 
together.  What  if  your  irwestment  adviser  was  with 
you  in  the  house  ^  day,  hearing  your  conversations, 
and  then  showed  up  at  the  end  of  every  month  arxl 
said  “here’s  what  you  should  be  thinking  about’? 
That’s  how  we  do  ft.  We’re  migrating  into  this  very  in¬ 
tegrated  aligmnent  role  with  the  purpose  of  shaping 
IT  demand  by  being  in  the  moment  all  the  time. 
We've  formally  organized  ourselves  to  do  that.  It’s  not 
minute  to  mimite,  but  ft  is  frequently  —  and  with  a 
certain  level  of  depth  we've  never  had  before.  We  just 
fully  restructured  the  global  IT  team  into  this  model 
at  the  end  of  June. 


givini  compaiiies  a  compMitlvc  advantage  In  the 
next  few  ynait?  Mobility/cloud.  1  put  them  together 
because  ft’s  an  application  that  can  be  anywhere,  and 
the  person  can  be  anywhere.  And  then  there’s  big 
data,  which  is  analytics.  So  much  of  the  transaction 
side  of  the  bouse,  ft’s  in  that  continuous  optimization 
mode,  and  there’s  not  tremendous  innovation.  The 
Ug  shifts  ate  mobility  and  having  the  ability  to  be  out 
in  front  of  the  consumers  with  information,  and  ana¬ 
lytics  will  drive  that  piece  of  ft.  It’s  about  shoppers’ 
behaviors  and  patterns,  local  demographics  and  data. 
And  on  the  consumer  side,  how  do  you  bring  your 
brandtotheworkhandhowdoyourepresentyour 
company  in  mobile  and  social  naedia? 

One  af  TMH- i«c«it  tWMts  was  pMIOfapbicah  “If 
wark-nfe  balance  Is  a  state  of  mad,  Him  work-Hfn 
lntefntianbefliitwlthtlwpersaa,aottlicteclinol- 
en.”  I  guess  I’m  seen  as  the  person  (at  Campbell] 
who  can  balance  and  keep  it  all  together.  Most 
[people]  are  stn^ir*  with  how  to  make  ft  all  work. 
We  all  think  technology  wiU  help  with  work-lifc 
balance,  but  technology  only  makes  ft  harder  if  you 
don’t  start  by  thinking  about  what’s  important  to  you. 


14 


TOUGH  QUESTION 


WHO  MAKES  THE  HIGHEST  PERFORMANCE 
LOW  LATENCY  NEXT-GEN  FIREWALL? 


SONICWALL 

ENTERPRISE. 


SONICWALL 


-  OPINION 

mORIiroMA.MAY 


Let’s  Keep,  the  Board  of 
Directors  in  the  Loop 


M^IT 
leaders  simiily 
aren't  keeping 
up  with  the 
worldly  of 
their  boards 
of  directors. 


TlwratMA.IIiv 

is  the  author  of 
The  «ew  Know; 
Innoyation  Powered  by 
Analytics  and  executive 
director  of  the  IT 
Leadership  Academy 
at  Florida  State  College 
at  Jacksonville.  You 
can  contact  him  at 
lhorntonamay@ 


I  HE  ROLE  THAT  IT  PLAYS  in  value  creation  should  concern  the  very 
tc^  levels  of  management.  That  being  so,  your  company’s  board 
of  directors  should  be  well  versed  in  vsdiat  is  happening  in  IT. 
Chances  are  that’s  not  the  case. 


In  fact,  my  research  suggests  that  we  hare  thou^ 


ae  ready  to  talk  to  senior 


rr.  what  they  should  know  about  rr  aird  what  they 
should  do  about  IT.  The  smart  people  in  this  indus¬ 
try  must  start  focusing  on  board  competence. 

Ironically,  I  stumUed  upon  this  surprising 
opacity  while  talking  to  a  group  of  IT  folks  who 
are  the  very  best  at  diggii^  out,  understand¬ 
ing  and  sharing  information.  I  was  conductir^ 
a  survey  of  the  top  analytic  professionals  at  the 
highest-performing  companies  in  the  world  and 
adied  these  three  boankrelated  questions: 

■  Which  board  member  is  it  most  important 
for  you  to  have  a  close  relationship  with? 

■  If  you  could  talk  to  any  board  member, 
who  would  it  be? 

■  IfyoucouM  talk  to  the  board  for  two  hours, 
w^  stories  would  you  tell? 

1  hadn’t  expected  the  answers  that  these  (fiestioos 
dkated.  For  the  most  part,  the  respondents  (some 
of  the  smartest  people  in  analytics)  paused  and  then 
admitled,  “Gee,  I  never  really  thoujjit  about  that” 

What  that  unambiguously  tdls  me  is  that  what 
board  members  are  thinking  isn’t  typically  top- 
of-mind  for  analytic  executives.  The  question  for 
you,  my  readers,  is  whether  it  should  be. 

Intrigued  by  what  these  analytic  professionals 
had  to  say  (or  rather,  didn’t  have  to  say)  about  ITs 
relationsliip  with  the  board  of  directors,  1  ex¬ 
panded  my  survey  to  include  aOs  and  CISOs. ’The 
responses  were  similar,  with  the  exception  that 
most  of  the  CISOs  had  a  long  list  of  thit^  they 


What  the  dau  tells  me  (besides  the  panting<log 
need  of  CISOs  to  be  listened  to)  is  that  there  is, 
in  many  organizations,  a  fundamental  discon¬ 
nect  between  the  board  and  the  enterprise’s  IT 
community.  Stated  mote  plainly,  many  IT  leaders 
aren’t  keeping  up  with  the  workings  oftheir 
boards  of  directors.  That  has  to  change. 

EadierthisnionthatFloridaStateCollegeatfack- 
sorrville,  we  conducted  a  workshop  with  the  execu¬ 
tive  in  charge  of  ertterprise  information  quality  at  a 
global  enterprise.  This  executive  —  as  hard-working 
and  dedicated  an  IT  professkmal  as  you  will  ever 
meet  —  was  charged  with  consolidating  information 
man^ement  tools.  The  ”as  is”  situation  he  described 
resembled  a  technological  version  of  Noah’s  Ark, 

just  about  every  tool  imaginable.  The  workshop 
participants  cattK  up  with  some  very  plausfole  move- 
thehall-fotward  recommendations.  Suggestions 
included  doing  a  basdine  inventory  and  coming  up 
with  a  list  of  took  you  want  to  keep  based  on  criteria 
such  as  how  easy  it  is  to  support,  whether  employees 
like  it  and  whether  it  wiU  scale  globally.  It  was  o^  at 
the  end  of  the  discussion  that  one  of  tte  participants 
sugge^  soliciting  board  sippott  for  the  eflbrt  to 

Given  the  fact  that  the  organization’s  ultimate 

success  in  the  marketplace  hinges  on  the  quality 

of  the  information  that  management  uses  to  make 
decisions,  this  doesn’t  seem  like  such  a  bad  idea  to 
me.  What  do  you  think?  ♦ 


16 


SIMPLIFY 

your  move  to  the  cloud,  virtualization, 
and  big  everything  with 
HP  Converged  Storage. 


Reduce  cost  and  speed  deployment  with  the 
power  of  server  and  storage  convergence. 

With  HP  storage,  you  can; 


See  how  HP  storage  con  eiiminole  be 
between  storage  and  the  rest  of  IT 

now  at  hp.com/storage/5CI 


I 


COVER  STORY 


Are  older  workers 
facingtough  times 
in  high  tech? 

Or  are  they  simply 
not  pulling  their 
weight  in  an 
industry  that  never 
stops  innovating? 


GE  BIAS;  Some  consider  it 
it's  dirty  little  secret,  or  even 
ITs  big  open  secret. 

Most  h^b-tech  employers 
would  lil^  deny  that  age  di^ 

companies.  But  many  IT  workers 
over  50  beg  to  diSer,  saying  they 
have  experienced  age  or 

know  sonreone  who  has. 

The  bias  can  take  several 
forms,  they  say.  Their  salaries 
might  stagnate.  They  mi^t 
have  tew  or  no  opportunities 
for  advancement.  They  might 
not  be  mcluded  in  training  and 


18  COMPIITEtWOBLD  NOVEMBER  21. 


COVER  STORY 


professioiul  development  programs.  And 
they  might  be  the  ^t  to  be  laid  off  and  the 
last  to  be  hired. 

As  a  result,  they  may  be  hit  harder  by  the 
reoesskm.  According  to  recent  U.S.  govern¬ 
ment  data,  unemployment  rates  for  older  IT 
professionals  have  increased  mote  quickly 
than  the  rates  for  younger  tech  workers  since 
the  recesskm  began  some  three  years  ago 
(seedrart,pagea4). 

All  o(  that  can  add  up  to  a  tough  toad  fm 
older  people  in  high  tech. 

Age  bra  is  “something  that  no  [employer] 
talks  about.  But  it's  a  reality  in  tech  that 
if  you're  45  years  of  age  and  still  writing  C 
code  or  Cobol  code  artd  makirtg  $tso,ooo 
a  year,  the  likeUhood  is  that  you  won't  be 
employed  very  long,”  says  Wvdt  Wadhwa, 
who  currently  holds  academic  positions  at  several  universities, 
including  UC  Berkeley,  Duke  ^  Harvard. 

As  Wadhwa's  obsetvatioo  indicates,  “age  bias”  is  a  simplistic  label 
for  a  cotrqrlicased  set  of  factors  that  influence  the  job  prospects  for 
senior  tedt  employees.  When  cottsideting  workers  over  the  age  of 
50,  etnployets  take  the  foUowittg  bctors  irrto  accoutrt: 

■  The  relevance,  apjdicabiltty  and  currency  of  their  skills,  which 
may  or  may  not  he  up  to  par  with  those  of  younger  emfioyees. 

■  The  level  of  compensation  they  expect,  which  is  typically 
higher  than  the  salaries  younger  people  seek. 

■  Their  behaviors  and  attitudes,  which  can  become  rigid  and 
narrow-mitxled  with  age. 

■  Their  energy  level,  which  is  presumed  to  be  lower  than  that 
ofaas-year-old. 

While  none  of  these  generalizations  is  necessariiy  true  for  any 
particular  candidate,  each  is  a  stereotypical  assumption  about 
older  workers.  What's  more,  they  ate  all  logical  and  legal  reasons 
foe  an  emploiyet  to  fire,  or  not  hire,  someone. 

“If  you  can  hire  someone  fresh  out  of  college  for  $60,000  who 
is  lik^  to  know  the  latest  technology,  or  you  can  hire  someone 
45  years  old  who's  making  $140,000,  who  are  you  going  to  hire? 
That's  the  harsh  reality,  whether  we  like  it  or  not,”  says  Wadhwa, 
53,  who  started  his  career  in  IT  as  a  programmer  and  then  went 
on  to  be  an  entrepreneur  before  entering  academia. 

Robert  Ayr  bears  that  message 
loud  and  dear.  At  57,  he's  fully 
and  happily  employed  in  IT  as  the 
manager  of  production  services  at 
Irving,  Texas-based  VHA  Inc,  a 
national  network  of  not-fot-proGt 
healthcare  organizations.  He  gives 
himsdf  credit  for  managing  bis 
career  well  through  turbulent  times, 
but  at  the  same  time,  be  can't  help 
but  krok  over  his  shoulder. 

By  his  own  estimate,  siixe  graduat¬ 
ing  college  in  1977,  Ayr  has  held  nine 
or  10  technology  positions  all  over  the 
country  —  in  Califetnria,  Massachu¬ 
setts.  Texas  and  New  York.  “Especial¬ 
ly  in  the  begiruritrg,  I  was  moving  all 


over  the  place  —  to  expand  my  knowledge 
base  and  to  further  my  career,"  he  says. 

As  he  got  older,  he  moved  less  and 
stayed  in  positions  longer,  but  always  took 
care  to  keep  his  skills  fresh,  moving  from 
mainframes  to  VMS  to  his  current  spe¬ 
cialty  —  servers.  “I  say  every  10  years  it's 
time  to  retold,”  he  explains.  “I  keep  trying 
to  learn  as  much  as  I  can,  otherwise  you 
become  a  dinosaur.” 

Even  so,  Ayr  ackiKnvIedges  that  the 
climate  begins  to  change  as  the  years  of 
experience  add  up.  He  recalls  when  he  was 
passed  over  for  a  job  years  ago  in  fevor  of  a 
candidate  who  had  nearly  the  same  creden¬ 
tials  as  he  did  but  was  20  years  younger. 

“I  ran  into  the  guy  a  couple  months  later 
at  a  users' group  meeting,  and  I  asked  him 
ri^  up  front  what  kind  of  namey  they  were  paying  him.  The 
bottom  line  is,  he  was  willing  to  work  for  less.  That's  what  happens.” 

“1  was  always  the  youngest  person  wherever  I  went;  now  I'm  one 
of  the  oldest,”  Ayr  says.  “You  still  picture  yourself  as  the  30-year-old 
hotshot,  but  the  reality  is  you're  not  that  guy  anymore.” 

Older  Workers  by  the  Numbers 

What  do  we  know  about  the  aging  workforce  in  the  U.S.,  and 
about  older  tech  workers  in  particular? 

For  starters,  nKiie  cider  Americans  are  remaining  in  the 
overall  workforce.  Last  year,  the  percentage  of  people  aged  55 
and  idder  in  the  woricforce  reach^  40%,  its  highest  level  in  35 
years,  according  to  a  study  published  in  February  zoii  by  the  Em¬ 
ployee  Benefit  Research  Institute.  And  that's  after  the  2008-Z009 
recession,  when  many  older  workers  lost  their  jobs. 

But  are  older  IT  professionals  remaining  in  the  workforce? 

Solid  numbers  are  difficult  to  find;  the  data  that  is  available  is 
sparse  and  sometimes  inconsistent.  Studies  of  older  workers 
rarely  break  down  results  by  profession.  Recruiting  firms  ofler 
data  on  hiring,  and  sometimes  on  salaries,  by  profession,  but  they 
typically  don't  break  it  down  by  age. 

Other  studies  track  unemployment,  but  not  by  age  or  profes¬ 
sion  —  so  it's  difficult  to  know  how  many  older  IT  profe^onals 
want  work  but  can't  find  it  The  picture  is  further  blurted  when 
companies  outsource  and  offshore 
IT  jobs,  or  import  workers  throu^ 
the  H-iB  and  other  visa  programs — 
potentially  dis{^ing  US.  workers, 
including  older  employees. 

Add  the  feet  that  some  IT  profes¬ 
sionals  voluntarily  bail  out  at  a 
ceruin  age,  either  to  pursue  new 
careers  or  to  start  their  own  business¬ 
es,  and  you  can  see  why  researchers 
find  it  difficuk  to  quantify  trends. 

One  set  of  data  that  do»  bring 
several  of  these  factors  together 
comes  fiom  the  U.S.  Bureau  of  Labor 
Statistics  (BLS).  The  agency  released 
numbers  in  early  2011  that  show  that 
Continued  on  pqge  22 


You  Still  picture 
yourself  as  the 
BO-year-old  hotshoty 

but  the  reality  is  you’re 
not  that  guy  anymore. 

ROBERT  AYR,  MANAGER  OF 
PRODUCTION  SERVICES.  VHA  INC. 


20 


BRIEFCASE 


„  App  Store 


YOU  MAY  NOT  BE  ABLE  to  turn  back  the  clock,  but  there  are  a 
few  things  you  can  do  to  increase  the  likelihood  of  getting  a  job 
and  staying  employed  as  you  age. 


Here  is  a  list  of  things  you  should  and  shouldn't  do 
if  you  hope  to  stay  in  IT: 


» 


Keep  your  skills  up  to  date. 

Consider  movinginto  IT  management. 


Take  advantage  of  a  technical  career  path,  if  your  company 


Build  and  maintain  a  professional  network  independent 
of  your  current  position 

Learn  how  to  use  social  media 


Dress  like  your  co-workers. 


» 


Come  off  as  a  know-ii  all. 


Continued  from  page  20 
older  IT  wmkers  have  higher  rates  of  unemployment  than  both 
younger  IT  vrarkets  and  dder  wcxIiBn!  in  other  professions. 

In  the  category  of  “computer  and  mathematical  occupati - 

the  overall  unemployment  rate  for  people  aged  55  and  older 
jumped  from  6%  to  8.4%  from  2009  to  2010.  accoiding  to  the 
data.  For  per^le  25  to  54  yeais  old  in  that  job  category,  the  unem¬ 
ployment  rate  fell  from  5.1%  in  2009  to  4.5%  in  2010. 

Those  figures  ate  particularly  striking  when  compared  to  the 
overall  popidation,  where  5S-plus  workers  had  lower  unemploy¬ 
ment  rates  (7%)  than  the  25-to-54-yeat-olds  (8.5%)  in  2010. 

That  trend  seems  to  be  refiected  in  the  level  of  amdety  among 
older  IT  workers  who  still  have  jobs.  According  to  Computer- 
world's  2011  Salary  Survey,  the  number  erf  IT  people  feeling 
somewhat  or  very  insecure  in  their  jobs  rises  steilily  with  age 
(see  chart,  page  23). 

As  to  the  fiat-lining  of  wages  that's  rumored  to  sometimes 
happen  in  the  second  half  of  a  high-tech  career,  Computerworld's 

survey  didn't  turn  up  evidence  of  age  bias  in  actual  salaries,  but 

employees  aged  55  and  older  were  the  most  likely  to  report  that 

they  had  generally  “lost  ground  financially"  in  tte  past  two  years. 

An  academic  study  of  IT  salaries  published  in  2008  did  show 
interesting  disparities  in  compensation  by  age  in  three  specific  in¬ 
dustry  segments —  finance,  IT  and  medical  Although  the  report 
is  now  out  of  date  —  it  was  based  on  data  from  2001  —  at  least 
one  of  the  original  researcheis  believes  its  findings  stiU  hold  true. 

“The  slow  economic  recovery  and  the  stubborn  high  unem- 
irfoyment  rate  we  have  right  now  only  make  age  discrimination 
even  more  pronounced,”  says  Jing  Quan,  an  associate  professOT 

at  Salisbury  University  in  Salisbury,  Md.  “IT  companies  are  more 
likely  to  value  IT  workers  who  have  the  most  updated  skill  sets 
and  can  get  the  job  done,”  he  says.  “And  those  are  more  likely 
younger  IT  workers.” 

Keep  Up  or  Keep  Out 

The  hyper-accelerated  pace  of  change  in  high  teclmology  makes 
it  a  challenging  field  to  keep  up  with.  Quan  puts  it  bluntly:  “The 
special  characteristics  of  the  IT  industry  —  highly  competitive, 
^-paced,  short  skill  update  cycle  —  do  not  favor  older  wotkers." 

Julie  McMuUin,  a  professor  at  Canada's  University  of  Western 
Ontario,  elaborates.  “Perceptions  of 'older,'  in  this  particular 
industry,  have  a  lot  to  do  with  competing  demands,"  says  McMul- 
lin,  who  leads  an  international  prefect  called  Workforce  Aging 
in  the  New  Economy  (WANE)  that  studies  aging  and  workforce 
restructuring  in  the  IT  industry. 

“If  you're  an  unencumbered  worker”  —  that  is,  single  with  lots 
of  time  to  work  extra  hours  and  attend  training  to  update  your 
skills  —  “then  you're  “young,'  ”  she  says. 

By  those  standaids,  Honda  Henning  could  pass  for  a  spring 
chicken.  In  leal-Ufe  years,  she's  S3,  but  by  her  own  estimate,  she 
has  logged  enou^  extra  hours  and  obtained  enough  degrees  to 
give  younger  workers  a  run  for  their  money. 

A  senior  scientist  specializing  in  security  at  Harris  Cbrp.,  a 
IS  and  IT  company  based  in  Melbourne,  Fla., 


_ ^ _  ee  (a  B.A.  in  English  and  political  sci 

from  the  Univetsity  of  Pittsburgh).  She  holds  an  MBA  from  the 
Fhnida  Institute  of  Technology  a^  an  M.S.  in  computet  science 
from  Johns  Ho|ddns  University,  and  she's  currently  working 


COVER  STORY 


satalentgapinnuiuge- 
ment,  probably  created  by  the  bet  that 
baby  boomeia  aie  staiting  to  retire. 


loolt  at  oMrr  woiiien  who  have  the  skills 


toward  a  Ph.D.  in  information  systems. 

Beyond  that,  Henning  has  taken  care  to  invest  in  her  career  on 
her  own  time  —  publishing  and  presenting  papers  at  conferences 
and  identifying  a^  pursuing  new  business  initiatives  within  her 
organization.  “Often,  that  has  to  happen  on  your  own  time,  in 
addition  to  your  standard  assignments,”  she  warns. 

And  then  there’s  the  consunt  influx  of  the  new,  and  the  chal¬ 
lenge  of  separating  signal  from  noise.  “I  make  a  conscious  effort 
to  stay  current,  but  these  days,  it’s  very  hard  to  absorb  everything 
and  figure  out  what’s  truly  important,”  Henning  acknowledges. 
“It  can  become  a  Z4-hour-a-day  job  to  try  and  do  that.” 

To  be  sure,  IT  isn’t  the  only  (nofession  in  which  older  workers 
ate  vulnerable  if  they  haven’t  kept  their  skills  up  to  date.  Admin¬ 
istrative  assistants  who  don’t  knw  the  latest  office  productivity 
software,  or  journalists  who  don’t  have  multimedia  skills,  for 


In  fact,  as  technr^ogy  pervades  more  and  mon 
the  pressure  to  keep  up  with  the  pace  of  change 
is  affiecting  a  wider  swath  of  the  population, 
especially  baby  boomers  who  are  reluctant,  or 
unable,  to  retire. 

“It’s  the  same  thing  everywhere,  except  in  IT 
it  happens  faster,”  says  Wadhwa.  “In  IT,  you’re  at 
the  epicenter  of  the  earthquake  in  technologies.” 

Hot  Jobs  VS.  No  Jobs 

Certain  types  of  IT  jobs  appear  less  susceptible 
to  ageism  than  others.  Systems  architects  aixl 
project  managers,  for  example,  are  relatively  safe, 
observers  agree,  as  are  IT  employees  with  highly 
specialized  skills  such  as  scientific  programming 
or  mobile  application  development,  provided 
those  skills  remain  in  dematKl. 

And  management  can  be  a  haven  for  aging 
IT  folks  who  have  people  skills.  Salisbury  Univetsity  researcher 
Quan’s  report  showed  that  in  management,  if  not  elsewhere, 
older  IT  workers  made  higher  salaries  than  the  under-40  set. 

These  days,  cempanies  seem  more  willing  to  hire  older  IT  ex¬ 
ecutives  than  they  were  five  to  10  years  ago,  says  Steve  B.  Watson, 
a  managing  director  at  executive  recruiting  firm  Stanton  Chase. 
Compa^  “need  someone  who  can  hit  the  ground  turming," 

.  he  says.  “There’s  less  interest  in  giving  a  honeymoon  period  to  a 
newcomer,  less  time  for  training  than  there  was  in  the  past.”  In 


Axcelis  Technologies,  a  maker  of  semi¬ 
conductor  capital  equipment,  needs  pro¬ 
fessionals  with  highly  qiedfic  skills  —  in¬ 
cluding  physicists,  experts  in  robotics  and 
programmers  with  FORTH  experience 
—  says  Lynnette  Fallon,  executive  vice 
president  of  human  resources  and  legal 
at  the  Beverly,  Mass.-based  comparry. 
“Sometimes  it’s  hard  for  us  to  find  people 
who  are  good  at  this  software,"  she  says. 
Fallon  doesn’t  see  any  negatives  to  hiring  older  people. 

Because  they  are  mature  and  experienced,  they  can  mentor 
younger  su^rs,  and  mentoring  is  “the  best  kind  of  training,”  she 
says.  Experienced  professionals  do  cost  more,  she  acknowlet^, 
which  means  the  company  must  weigh  the  cost  of  hiring  veteran 
workers  against  the  benefits  they  ofler.  “You  obviously  need  a 
bakmce  in  the  workforce,"  she  says. 

Too  OM  to  Code? 

In  contrast,  programmers  who  are  over  40  can  face  a  bleak 
future  —  particularly  if  they  didn’t  get  on  the  managenKnt  track 
or  didn’t  keep  their  skills  up  to  date.  “In  some  IT  departments, 
you  could  hang  on  umil  the  company  gets  into  trouble,"  says 
Wadhwa,  “but  when  it  does,  you’ll  be  the  first  to  go." 

When  McMullin  has  interviewed  people  for  the  WANE  project. 


code,"  she  says.  “People  would  be  giving  us  these  descriptions  of 
ZZ  Top-looking  programmers  sitting  in  the  back 

_  corner  working  in  Cobol.” 

The  problem  for  programmers  is  twofold; 

For  one  thing,  the  desired  skills  keep  chang- 
it%,  requiring  them  to  refresh  their  talents  on  a 
nearly  cominuous  basis.  And,  unlike  managers, 
programmers  often  don’t  have  a  dear  career 
path  within  an  organization. 

Dennis  O’Connor  is  one  programmer  who, 
through  a  mix  of  hard  work  and  lucky  breaks,  has 
in  high  tech  without  taking 
is  72  and  still 


analyst  for  the  Alexandria,  Va.,  city  government. 

O’Connor  started  out  at  Blue  Crrrss  of  Viiginia 
in  1965  as  a  computer  operator  on  a  Honeywell 
400  mainframe.  He  moved  on  to  progranuning 
360-30  mainframe,  and  spent  some  years  in  banking 


before  roovii^  into  municipal  government  —  a  s 


or  that  h^ 


ing  of  older  workers  than  its  corporate  counterparts. 

He  was  hired  by  the  city  of  Alexandria  11  years  ago  to  service  a 
Cobol-based  payroll  system,  with  the  uirderaanding  that  the  system 
was  scheduled  to  be  phased  out  within  a  year  and  a  half  (but  that 
has  yet  to  happen,  O’Cormor  points  out  with  some  amusement). 

During  a  reorganization  several  years  into  his  tetutre  that  left 


COVER  STORY 


CTConnor  without  a  clear  nrart  stq>,  a  hi^ier-up  put  him  in  a 
management  position,  but  it  wasn’t  to  O’Connor’s  liking.  “Super¬ 
vision  is  not  my  thing  Over  the  course  of  my  career,  I  have  not 
been  happy  with  h,”  he  says.  “Any  time  I  couW  get  out  of  it,  I  did. 

I  do  so  much  better  as  a  programmer/analyst." 

So  he  talked  his  way  into  a  job  on  the  Windows  client-server 
side  of  the  house,  supporting  the  city's  Tidemark  Permit  Plan 
system  for  people  in  various  departinents  using  SQL  Server  and 
Crystal  Reports  —  a  job  he  now  hrves.  “It  was  totally  alien  to  me.  I 
bad  to  hgure  out  what  in  the  world  I  was  doing"  O’Connor  recalls. 

“I’m  sure  there  was  some  apprehension  on  the  part  of  my 
manager  that  I  was  being  dunrped  on  them,  but  as  it  turns  out, 
he  has  been  mote  or  less  pleased,"  he  says. 

Loyal  No  More 

If  h^tech  watchers  and  older  workers  agree  on  anything  it’s 
that  the  onus  is  squarely  on  IT  employees  to  keep  themselves 
current  and  capable.  They  shouldn’t  expect  the  inrhistry  to 
behave  as  if  it  owes  them  anything 

Traditional  loyalty  has  disappeared  on  both  sides  over  the  past 

30  years  —  companies  in  general  ate  no  longer  paternalistic,  and 
wmkers  don’t  think  twice  about  jumping  sh^  when  they  get  a 
better  offer.  Still,  there  are  some  ^irnmets  of  h(^  for  an  under¬ 


standing  between  oldet  workers  and  hiring  companies.  Michael 
T.  Abbene,  who  in  2009  retired  as  CIO  from  St.  Louis-based  Arch 
Coal,  says  “companies  still  have  a  responsibility  to  make  training 
available  and  encourage  people  to  update  their  skills." 

And  on  the  corporate  side,  there  are  operational  reasons  fta  cran- 

institutional  memory,  even  in  a  fost-moving  field,"  Abbene  argues. 

As  a  firunder  of  two  software  companies,  Wadhwa  says  he  had 
no  proUem  hiring  older  workers  —  albeit  at  salaries  that  were 
20%  lower  than  they  had  made  in  previous  positions.  “For  the 
price,  they  were  a  much  better  value,"  he  says. 

economic  sense.  They  have  more  experience  and  they  are  mote 
steady  —  they  won’t  leave  you,"  he  says. 

Wadhwa,  like  marry  othm,  says  there  is  value  in  the  maturity, 
experience  and  even  keel  that  marry  older  workers  possess.  If  it’s 
jirst  trot  as  hi^  a  value  as  employers  would  like,  then,  well,  that’s 
the  state  of  the  market  circa  2011. » 

D.C.-basal  uiriter  spedolizirig  in  technology,  business  and  public  polity. 
AdditiomilneportingbyCotnputerwotki/eaturBseditor'naCYllayor.Ad- 

tflobor  Statistics  chart  ly  online  managing  editor  ShafOlI  Madllls. 


»ms.  Just  when  you  thii 
I’ve  battened  dovra  the  h 
I  fully  safeguaided  youn 


designed  to  jam  GPS  receivers. 

Whether  you're  protecting  corporate  daU 
or  simply  trying  to  keep  your  personal  files 
safe,  thrae  threats  —  some  rapdly  growing, 
others  still  emerging  —  put  your  systems  at 
risk.  Fortunately,  security  procedures  and 
tools  ate  available  to  help  you  win  the  fight. 


SECURITY 


New  threats 
can  turn 
smartphones 
into  spam 
hots,  shut  off 
electricity  or  jam 
GPSsignals. 
BY  JOHN 


GAME  OVER  FOR  PHONE  TAG. 


B  SECURITY 


(ireless.com/unifiedcommunications 


verizon 


Continued  from  page  i6 


1 


Text-Message  Malware 

While  smaitpbone  vinis«  ue  still  billy  rare,  text-mes¬ 
sage  attacks  are  becoming  more  common,  according  to 
Rodney  lofe,  senior  vice  president  and  senior  technolo- 


I  cd  the  ConhckerWotki^  Group,  a  coalition  of  security 
researchers  that  came  together  to  fight  the  malware  known  as 
Cooficker.  PCs  are  fairly  well  protected  today,  he  says,  so  some 
black-hat  hackers  are  now  targeting  mobile  devices.  Their  incen¬ 
tive  is  mostly  financial;  Text  messaging  provides  a  way  to  break 
into  devices  and  make  money. 

IChoiNguyen,groupptoductmanagerfc»niobilesecurityatSy- 

it^  reliant  on  mobile  devices.  It’s  not  just  consumeis  w1k>  are  at 
risk,  he  adds.  Any  employee  who  falls  (or  a  text-mess^  ruse  using 
a  company  smartphocK  can  jeopardize  the  business’s  network  and 
data  and  possibiy  cause  a  oompUaixe  violation. 

’This  is  a  sin^  type  of  attack  as  [is  used  on]  a  computer — 
an  SMS  or  MMS  message  that  includes  an  attachment,  disguised 
as  a  hmny  or  sexy  picture,  which  asks  the  user  to  open  it,” 
Nguyen  explains.  “Once  they  download  the  picture,  it  will  install 
malware  on  the  device.  Once  loaded,  it  would  acquire  access 
privileges,  and  it  spreads  through  contacts  on  the  phone,  [who] 
would  then  get  a  message  from  that  user.” 

In  this  way,  says  Ioffe,  hackets  create  botnets  (or  sending  text- 
message  spam  with  links  to  a  product  the  hacker  is  selling,  usually 
diarging  you  per  message.  In  some  cases,  be  adds,  the  malware 
even  starts  bu^  ring  tones  that  are  charged  on  your  wireless 
bill,  linii^  the  pockets  of  the  hacker  selUng  the  ring  tones. 

Wireless  carriers  say  they  do  try  to  stave  off  the  attacks.  For 
instance,  Verizon  spolwswoman  Brenda  Raney  says  the  company 
scans  (or  known  malware  attacks,  isolates  them  on  the  cellular 
network,  and  even  works  with  federal  crime  units  to  block  them. 

ts’  phones,  Joffe  recommends 
es  institute  strict  corporate  policies  limiting  whom 


what  kind  of  work  can  be  done  via  text  messaging.  Another 
optkm  is  a  policy  that  prohibits  text  messaging  entirely,  at  least 
u^  the  industry  figu^  out  how  to  deal  with  the  threats. 

2  Haddng  Into  Smart  Grids 

A  common  misconceptioo  is  that  only  open  networks 
—  say,  corporate  wireless  LANs  that  visitors  may  use 
—  are  hackable.  Not  true,  says  lustin  Morehouse,  a 
principal  consultant  at  Stratum  Security  who  spoke 
about  network  security  at  last  year’s  DefCon  hiKker 
oortventiotL  Morehouse  says  it’s  actually  not  that  difficult  to  find 
an  access  point  for  a  so-called  closed  system. 

Some  nuclear  plants  and  power  grids  have  wireless  networks 

acquisitioo  (SCADA)  systems  aren’t  safe  either. 

For  exaniple,  the  Stuxnet  worm  last  year  infected  tens  of 
thonrandv  of  Windows  PCs  nmning  Siemens  SCADA  systems 

It  was  largely  spread  via  infected  USB  flash  drives. ‘Stuxnet 
proved  that  it  is  relatively  simple  to  cause  potentially  catastrophic 


damage"  to  an  industrial  control  network,  says  Neustar's  Joffe. 

Accordit^  to  Motdnuse,  another  new  attack  prnnt  will  be  smart 

ment  Utility  companies  around  the  world  have  begun  testing  and 
rolling  out  smart  grids  to  homes  and  businesses.  The  technology, 
which  can  send  data  to  and  receive  it  horn  a  central  system,  can 
also  be  very  helpful  (or  IT:  You  can  open  a  cooscde  to  see  the  power 

^  smart  grids  might  be  vuliwrable  to  attacks  that  would 
allow  nefarious  hackers  to  cut  off  electricity  at  homes  and 
businesses  and  wreak  other  kinds  of  havoc.  One  possible  attack 
vector  is  a  smart  grid’s  communications  infrastructure.  For 
example,  Morehouse  says,  a  German  utility  company  called  Yello 
Strom  uses  a  consumer  smart  grid  system  that  works  like  a  home 
automation  kit  —  the  sensors  report  energy  usage  back  to  the 
central  server  via  the  user’s  home  Wi-Fi  network. 

The  most  effective  preventive  measure,  says  Morehouse,  is  rigid 
iscdatkm  —  a  smart  grid  should  not  touch  any  other  network. 
Given  the  dangers  that  can  arise  if  a  hacker  gains  access  to  a 
smart  grid,  he  says,  companies  should  conduct  penetration  tests 
and  m^  sure  that  firewalls  in  closed  networks  are  secure.  He 
advises  using  tools  such  as  Core  Impact  and  Metasploit. 

3  Sodal  Netvraric  Account  Spooflng 

Users  of  Facebook,  Linkedin  aixl  other  social  networks 
are  vulnerable  to  attacks  that  rely  on  account  spoofing.  A 
scammer  poses  as  either  someone  you  know  or  a  friend 
of  a  friend,  in  otrler  to  fool  you  into  revealing  personal 
irtformation.  He  then  uses  that  information  to  gain 
access  to  your  other  accoutrts  and  eventually  steal  your  identity.  ■ 
In  a  typical  exploit,  says  Joffe,  someone  contacts  you  on  a  site 
like  Facebook  or  Littkedln,  pretending  to  be  a  friend  of  a  frietrd 
or  a  co-worker  of  someone  you  trust.  Then,  this  new  “friend" 
contacts  you  directly  through  text  message  or  email.  The  cor¬ 
respondence  seems  legitimate  because  you  believe  he  has  a  con¬ 
nection  with  an  individual  you  trust. 

In  another  scenario,  a  scammer  might  impersonate  someone 
you  already  know  —  claiming  to  be  an  old  fiiend  from  high 
school,  for  instance.  Spoofers  can  find  out  your  connections  by  fol¬ 
lowing  your  public  feeds  or  looking  up  the  names  of  co-workeis  on 


Once  the  scammer  has  established  a  connectioo  with  you, 
he  uses  devious  means  to  steal  personal  data,  such  as  chatting 
online  to  find  out  the  names  of  your  family  members,  favorite 
bands,  hobbies  and  other  seemingly  iniucuous  information. 
Then  he  uses  that  information  to  try  to  guess  your  passwords 
or  answers  to  security  questions  for  banking  sites,  webmail  ac¬ 
counts  or  other  online  services. 

Morehouse  describes  another  type  of  attack  that  targets  com¬ 
panies  as  well  as  individuals.  The  spoofer  might  set  up  a  Face- 
book  page  that  claims  to  be  the  official  company  page  for,  say,  a 
major  retailer.  The  spoofer  might  claim  that  the  page  is  a  formal 
method  to  contact  the  company  or  register  complaints. 

The  page  might  offer  fake  coupons  to  entice  people  to  join,  and 
K  soon  goes  viral  as  people  share  it  with  their  friends.  Once  hun¬ 
dreds  or  thousands  of  users  have  joined  the  page,  says  Morehouse, 
the  owner  tricks  them  into  giving  out  perso^  informatioo, 
perhaps  by  signing  up  for  additional  coupons  or  special  offers. 

This  ends  up  being  a  douUe  attack:  Consumers  are  harmed 


28  COIinyTIi.0.lP  NOVEMBER  21. 


because  their  personal  dau  is  compromised,  and  the  company  is 
harmed  because  its  customers  now  associate  the  fake  Facebook 
page  with  the  teal  company  —  and  decide  not  to  buy  feom  that 
company  anymore. 

Joffe  says  there  is  no  way  to  prevent  a  criminal  from  setting  up 
a  feke  Facebook  page,  but  conqianies  can  use  monitoring  tools 
such  as  Social  Mention  to  see  how  the  company  name  is  being 
used  online.  If  an  unauthorized  page  turns  up,  companies  can 
ask  the  social  network  to  remove  the  fake  listing. 

4  GPS  Jamming:  Threat  or  Nuisance? 

An  emerging  criminal  tactk  —  interfering  with  GPS 
signals  —  hi  security  experts  divided  on  just  how 
harmful  it  could  become. 

Jarruning  a  GPS  s^nal  at  the  source  is  next  to  impos¬ 
sible,  says  Phil  Ueberman,  founder  of  enterprise  security 
vendor  Lieberman  Software.  Blocking  the  radio  signals  that  are 
broadcast  from  orbiting  GPS  satellites  would  require  a  massive 
countertransmission.  And  because  the  satellites  are  qrerated  by 
the  U.S.  military,  jamming  them  would  be  considered  an  act  of 
war  and  a  federi  crime,  says  Lieberman. 

However,  it  is  easy  to  jam  GPS  receivers  using  low-cost  jamming 
devices  like  one  sold  by  Brando.  The  devices  jam  a  receiver  by 
overloading  it  with  a  signal  that’s  similar  to  the  teal  GPS  signal. 
The  receiver  then  becomes  confused  because  it  can’t  find  a  steady 
satellite  transmission. 


networks  use  a  completely  di&ient  GPS  signal  from  the  one  we 
use  in  cars  and  handheld  devices,  lamming  could,  however,  be  a 
potentially  dangerous  issue  when  it  comes  to  financial  records, 
he  says,  because  GPS  devices  are  used  in  the  banking  industry  to 
add  time  stamps  to  financial  transactions.  Although  compietely 
blocking  transactions  would  be  difficult,  Lieberman  says,  an 
industrious  backer  could  theoretically  disrupt  transacticns  and 
cause  headaches  for  banks. 

Security  expert  Roger  Johnston,  a  systems  engineer  at  the 
Atgonne  National  Laboratoty  in  Chicago,  says  spoofing  GPS 
signals  is  the  greater  danger,  explaining  that  GPS  receivers  are 
low-power  devices  that  latch  on  to  any  strong  signal.  He  says 
spoofing  could  be  used  for  serious  crimes  —  tricking  a  delivery 
truck  driver  into  turning  down  a  dark  alley,  changing  the  time 
stamps  on  financial  transactions,  delaying  emergency  vehicles 
from  finding  thor  routes.  There  have  been  no  reported  cases  of 
GPS  spoofing  to  commit  a  criminal  act,  but  lobnston  warns  that 

Taking  some  extra  precautions  —  using  strong  encryp¬ 
tion  technology,  engaging  only  with  trusted  friends  on  social 
networks,  and  using  penetratioo  testing  software  on  corporate 
networks  —  can  alleviate  some  fears  and  help  you  sleep  at  night, 
even  if  the  bad  guys  keep  coming  up  with  new  exploits.  ♦ 
Brandon  is  a  firmer  IT  monqgrr  at  a  fortune  lOO  ontipony  who  now 
writes  obout  lechnokigy.  He’s  written  more  than  2.500  artides  in  the  past 


BUSINESS  INTELLIGENCE 


sponsive  to  ever-changing  business  and  regulatory  requirements. 

Very  few  oiganizations  have  impfemented  agile  B1  as  Forrester 
defines  it,  Evelson  says.  Based  on  anecdotal  evidence  and  discus¬ 
sions  with  clients,  he  estimates  that  out  of  all  the  organizations  that 
use  B1  applications,  probably  less  than  zo%  of  the  B1  user  population 
within  those  organizations  is  leveraging  some  kind  (rf  agile  Bl.  But  he 
predicts  that  this  figure  will  climb  to  about  8o%  in  the  near  future. 

Business  intelligence  is  particulariy  well  suited  for  agiUty  and  the 
agile  development  methodology,  says  David  White,  an  analyst  special¬ 
izing  in  B1  at  research  firm  Aberdeen  Group. 

Research  conducted  by  Abeideen  in  February  and  March  indicates 


toa  I  I 

FAST  START 


Every  company  is 
a  data  company. 


Over  half  of  the  Fortune  100 


.splunk.com/goto 


splunk 


Change 


CantmMdfmmpagtjo 


to  e0ectively  deUveiing  BI  that  is  truly  valuable  to  the  business. 
First,  data  volumes  and  the  number  of  BI  date  sources  ate 

dedsionsnaking  is  shrinking.  And  third,  demand  for  manage¬ 
ment  information  is  always  increasing. 

CHearly,  BI  implementatioos  have  to  be  more  agile  so  managers 
can  easily  6nd  the  information  they  need  as  business  require¬ 
ments  change.  And  to  achieve  that,  companies  must  analyze 
their  organizatioos' business  needs  and  take  them  into  accoum 
when  configuring  and  deploying  BI  software.  White  says. 

The  Aberdeen  research  shows  that  oiganizations  with  the 
most  highly  agile  BI  implementations  are  more  likely  to  have 

processes  in  place  for  ensuring  that  business  needs  are  being  met. 

Another  k^  to  success  is  to  heavily  involve  end  users  in  the  BI 
development  process.  At  neatly  70%  of  the  oiganizations  that  are 
successfully  deploying  agile  BI,  IT  and  business  people  collabo¬ 


rate  frequently,  according  to  Aberdeen.  Such  interaction  is  not 

as  common  at  organizatioos  that  are  less  agile;  only  50%  of  them 
report  frequent  coUaboration  between  IT  and  the  business. 

The  interactioo  that’s  needed  might  no' 


between  IT  and  the  business,"  he  says,  and  that  barrier  must 
be  knocked  down  if  agile  BI  is  to  berome  a  reality,  ‘"niat  close 

involvement  and  the  iterative  process  is  part  of  the  agile  meth¬ 
odology,  and  it’s  very  applicable  to  BI.  Developers  working  with 

business  users  side  by  side  or  dose  by  is  very  powerful.” 

RapM  Delivery 

Organizatioits  using  agile  BI  are  taiqnng  into  that  power.  One 
example  is  Kiva,  a  San  Frandsco-based  rronprofit  that  arranges 
person-to-person  loans  via  the  Internet  to  hdp  allevUte  poverty. 
In  zoto,  Kiva  implemented  a  new  daU  warehousing  andBIap- 
[dication  based  on  Pentaho’s  Agile  BI  techndogy  to  handle  its 
rapidly  growing  stockpile  of  data  and  replace  an  increasingly  in- 


Kiva  has  grown  rapidly  since  its  founding  in  2005,  and  it  has 
hdped  entrepreneurs  around  the  world  secure  more  than  $200 
million  in  microloatts  from  individual  lenders.  As  of  ^rril  20ir, 
tbeorganizationhadunitedmorethan570,ooolenders,r3itni- 
crofinance  institutions  and  some  450  vcdimteers  arrrund  the  globe. 

The  nonprofit  has  used  Pentaho’s  open-source  development 
platform  to  create  mtnithly,  weekly  and  program-specific  dash¬ 
boards  that  product  managers  and  finatice  specialists  can  use  to 
track  and  manage  key  metrics  such  as  transaction  volumes,  new 
user  registrations  and  promotion  performance,  says  Greg  Allen, 
a  business  analyst  at  Kiva.  The  organization  has  developed  tools 
such  as  a  “loan  posting  exploter,”  an  application  that  allows  risk 

managers  to  analyze  loan  posting  patterns  based  on  region  and 
country,  type  of  loan  and  type  of  borrower,  he  says. 

The  big^  benefit  that  Kiva’s  agile  BI  efforts  have  yielded  is 
the  ability  to  rapidly  and  incrementally  deliver  information  to  end 
users.  “We  have  a  1^  vision  for  our  data  warehouse  project,  which 
will  require  a  substantial  time  investment  to  complete,”  Allen  says. 
“Instead  of  forcing  the  organization  to  wait  for  a ‘big  switch,’ we 


data  strrrctures  underlying  Kiva’s  BI  system,  Allen  says,  ‘^e’ve 
found  that  our  users  tesp^  best  to  testing  early  versums  of  our  BI 
sdutions,”  he  says.  “Ad  hoc  data  sources  enable  us  to  test  business 
logictDcolIectanditicotpotateuserfeetflMckquiddy.beftrtedevd- 

^^en  [difficulties  and]  lead  to  more  comprehensive  solutions.” 

Allen  says  having  greater  agility  with  BI  development  gives  the 
organization  more  fi^bility.  “Our  business  can  change  quickly, 
and  being  able  to  respond  quickly  with  data-driven  dedsions  is 
critical  to  our  growth,"  he  says.  “Agile  BI  enables  us  to  capture 
new  dau  and  transform  it  into  information.” 

Although  Kiva  is  at  the  beginning  of  an  ambitious  plan  for  its  data 

new  insights  on  our  user  bare  and  partners,”  AOen  says.  “Ofterr, 


32 


Sensitive  Data,  in  the  Wiid 

It  isn’t  easy  to  stop  your  employees  from  posting  things  they 
shouldn’t  on  social  media  and  file-sharing  sites. 


IF  YOU  dc«i’t  think  it's  a  big  chal¬ 
lenge  to  protect  sensitive  company 
information  and  intellectual  prop¬ 
erty,  listen  to  this  story. 

Last  week,  one  of  our  sales 

the  road  map  for  one  of  our  flagship 
products.  This  discussion  was  to  be 
confidential,  so  you  can  imagine  the 
sales  associate's  consternation  when  the 
customer  said  he  had  already  viewed  the 
presentation  on  the  Web. 

He  simply  searched  SlideShare.net,  an 
online  community  for  sharing  presenta¬ 
tions,  and  found  ours. 

Access  wasn't  restricted 
(thou^  restricting  it  is 
an  option),  so  he  was  able 
to  download  it  and  have  a 
look  —  ignoring  the  “Re¬ 
stricted  Use  Only"  label  slapped  across  it 
The  uproar  that  this  situation  created 
reached  me  quickly,  and  I  was  asked  to 
remove  the  ^  Skot  SlideShare. 

One  difficulty  with  that  request  was 
that  only  the  user  who  uploaded  the 
file  could  remove  it,  and  that  user  had 
uploaded  it  anonymously,  so  I  couldn't 
just  send  him  an  email  and  tell  him  to 
take  it  down.  I  mi^  have  been  able  to 
get  his  attention  by  blogging  about  the 


problem,  but  then  we  would've  been 
advertising  cur  misstep  to  the  public. 

I  contacted  SlideShare  and  ask^  that 
the  file  be  removed,  but  like  most  social 
media  and  file-sharing  sites,  it  wouldn't 
act  on  a  request  from  a  third  party,  even 
though  that  third  party  was  the  security 
guy  at  the  company  that  created  the 
presentation.  That  left  legal  action  as  our 
last  resort;  our  legal  department  filed  a 
request  through  the  Digital  Millennium 
Copyright  Act. 

Because  I  am  a  security  guy,  this  turn 
of  events  didn't  come  as  a  great  surprise. 

Things  like  this  are 

of  prcdiferating  social 
media  and  cloud-based 

storage.  Tve  denied 
several  requests  to  use  the  cloud  to  store 
corporate  data  —  I'm  not  satisfied  with 
the  security  these  services  ofe  —  but 
reports  generated  from  our  firewall  show 
widespread  use  of  these  technologies. 

TWoOptkNIS 

This  event,  as  well  as  other  situations 
that  arise  because  it's  so  easy  for  users  to 
move  things  to  the  doud  on  their  own, 
can  be  handled  internally  in  two  ways: 


U  Things  like  this  are  inevitable  in  an  era  Of 

soda!  media  and  doud-based  data  sharing  and  storage. 


Trouble 

Ticket 


administratively  and  technologically. 

Administratively,  I  suggested  that  the 
vice  president  of  sales  tell  his  team  that 
whoever  uploaded  the  file  must  remove 
it,  because  it  put  the  organization  at  risk. 
I  also  suggested  that  our  vice  president 
of  marketing  and  public  affitirs  or  our 
legal  counsel  send  a  stern  message  to  the 
entire  workforce,  stressing  the  inqxir- 
tatKe  of  obtaining  approval  from  market¬ 
ing  or  public  affairs  before  releasing  arty 
nonpublic  dau  to  the  Internet.  Luckily, 
I've  already  included  these  scenarios  in  a 
mandatory  security  awareness  training 
module  I  recently  released. 

Technologically,  I  don't  have  much  to 
work  with,  given  our  current  budget  and 
resource  constraints,  but  I  will  enable 
URL  corttent  filtering  rules  on  our  new 
Palo  Aho  Networks  firewalls  to  block 
access  to  any  personal  storage  sites,  with 
appropriate  exceptions.  I  know  that 
doir^  this  will  have  a  business  impaa, 
since  certain  departments  use  these  sites 
to  disseminate  training  materials  and 
marketing  and  sales  information  to  the 
public.  It  will  take  quite  a  bit  of  time  to 
minimize  the  business  impact. 

The  other  issue  with  URL  filtering  is 
that  it  isn't  in  e&ct  when  an  employee 
goes  off  our  network.  Of  course,  lapops 
can  be  configured  to  firrce  all  network 
traffic  over  a  VPN,  and  software  can 
push  URL  content  filtering  rules  to  each 
laptop,  but  those  are  the  sorts  of  things 
we  can’t  afford  to  do.  I  have  data  leak 
prevention  in  my  budget  for  2012,  and 
chat  will  help  prevent  nonpublic  dau 
from  leaving  the  company. 

But  without  solid  technical  controls, 
we  will  have  to  rely  on  stern  words  and 
employees’  sense  of  responsibility.  ♦ 

This  week 's  journal  is  written  0  ml 


Change 

P 


rate  frequently,  according  to  Aberdeen.  Such  interaction  is  not 
as  common  at  organizations  that  ate  less  agile;  only  50%  of  them 
report  frequent  collaboration  between  IT  and  the  business. 

The  interaction  that’s  needed  might  not  come  easily.  White 


be  knocked  down  if  agile  B1  is  to  become  a  reality.  “That  close 
involvement  and  the  iterative  process  is  part  of  the  agile  meth¬ 
odology,  and  it’s  very  applicable  to  BI.  Developers  working  with 
business  users  side  by  side  or  close  by  is  very  powerful.” 

Rapid  Delivery 

Oiganizations  using  agile  Bl  ate  tapping  into  that  power.  One 
example  is  Kiva,  a  San  Francisco-based  nonprofit  that  arranges 
person-to-person  loans  via  the  Internet  to  help  alleviate  poverty. 
In  2010,  Kiva  implemented  a  new  data  warehousing  and  BI  ap¬ 
plication  based  on  Pentaho’s  Agile  BI  technology  to  handle  its 
rapidly  growing  stockpile  of  data  and  replace  an  increasingly  in- 
efiBcient  ad  hoc  analysis  process  that  was  done  via  spreadsheets. 

Kiva  has  grown  rapidly  since  its  founding  in  2005,  and  it  has 
helped  entrepreneurs  around  the  world  secure  more  than  $200 
million  in  microloans  from  individual  lenders.  As  of  April  2011, 
the  organization  had  united  more  than  570,000  lenders,  131  mi¬ 
crofinance  institutions  and  some  450  volunteers  around  the  globe. 

The  nonprofit  has  used  Pentaho's  open-source  development 
platform  to  create  monthly,  weekly  and  program-specific  dash- 


Security^^ 
y  Maric^er’s  i 

Journal 

MATHIAS  THURMAN 


Sensitive  Data,  in  the  Wild 


F  YOU  don’t  think  it  s  a  big  chal- 


the  road  map  for  one  < 
products.  This  discuss 
confidential,  so  you  can  imagine  the 
sales  associate's  consternation  when  the 
customer  said  he  had  already  viewed  the 


look  —  ignoring  the  “Re¬ 
stricted  Use  Only"  label  slapped 

The  uproar  that  this  situation  created 
reached  me  quickly,  and  I  was  asked  to 
remove  the  file  from  SlideShare. 

One  difficulty  witi 
that  only  the  user  who  uploaded  the 
file  could  remove  it,  and  that  user  ha* 
uploaded  it  anonymously,  sc 
just  send  him  an  email  and 


k  OPINION 


^PERKINS _ 

Ensuring  Project  Success 


Even  aggressive 
plans  can 
succeed  if  they 
are  glided 
in  reality. 


■artPMklmis 

managing  partner 
at  Louisville.  Ky.- 
based  Leverage 
Partners,  which  helps 
organizations  invest 
well  in  IT.  Contact 
him  at  BartPerkins@ 
LeveragePartners.com. 


PROJECT  PLANS  SOMETIMES  GO  OFF  THE  RAILS.  That’s  always 

been  the  case,  and  with  the  perfection  of  the  human  race  nowhere 
on  the  horizon,  it  will  remain  true.  But  we  can  reduce  the  number 
of  projects  that  fail. 


While  many  bctois  a£Bect  project  success,  failed 
projects  often  stem  feom  flawed  plans  that  don’t 
address  basic  constraints.  When  it  comes  to  IT, 
pfans  must  account  for  constraints  in  these  areas: 

Specialized  skins.  Plans  must  consider  the 
availability  of  high-demand  skills.  One  Fortune 
500  retailer  intended  to  rebuild  almost  every 
applicatioa  in  its  portfolio.  Initially,  the  plan  ap¬ 
peared  aggressive  but  achievable.  Deeper  analysis 
revealed  significant  staffing  flaws.  Nine  key  peqrle 
(including  architects  and  project  managers)  were 
each  assigned  full  time  to  more  than  one  prrqect. 
Avoid  this  by  checking  staff  availabihty  against 
other  project  commitments,  even  if  specialized 
skills  are  required  fi>r  just  a  lirtrited  time.  This 
sounds  obvious,  but  it's  too  often  ignored. 

OdiPriL  Plans  must  aooimmodate  an  organiza¬ 
tion’s  distinctive  culture.  A  global  enterprise  with 
hundreds  of  small,  autonomous  offices  failed  to 
address  field  office  independence  when  rolling  out  a 
corporate  help  desk.  Held  offices,  which  had  always 
relirf  on  overworked  but  responsive  local  rr  staff^, 
saw  no  value  in  the  new  h^  desk  and  disregarded  k. 
Finally,  this  culture  of  autonortry  was  acknowledged 
and  addressed  by  giving  local  IT  staffi  the  power 
to  decline  requests  if  the  problems  had  not  been 
reported  to  the  global  he^  desk.  Project  plannets 
ignore  oiganizatiooal  culture  at  their  peril. 

Delivery  opabllity- Every  IT  organizatioo  has 
limitatioos  imposed  by  infrastructure.  One  Fortrme 
500  food  manufacturer  decided  to  switch  from  a 
direct  sales  force  to  brokets,  while  sitttultaneausly 
cfaangmg  both  its  product  mix  and  its  credit  terms. 
Unfortunately,  its  homegrown  systems  were  old. 


inflexiWe  and  poorly  documented.  The  planning 
team  refused  to  include  IT  improvements,  despite 
ITs  protests.  All  changes  were  implemented 
concurrently,  overwhelming  the  IT  systems  as  pre¬ 
dicted.  Unable  to  take  orders  or  ship  products  for 

Budgets.  Plans  that  ignore  budget  constraints 
are  doomed.  One  CIO  was  required  to  undertake 
eight  major  projects  in  parallel,  tbou^  he  lacked 
enough  project  managers.  His  requests  to  hire  addi¬ 
tional  staff  or  to  delay  several  projects  were  denied. 
IT  staffers  are  now  demoralized,  developing  a  plan 
they  don’t  believe  is  feasible;  many  are  exploring 

Flawed  plans  are  often  the  result  of  corporate 
weaknesses.  Management  pressure  is  one  of  the 
most  common  weaknesses.  That’s  what  led  Enron 
executives  to  publicly  discuss  revenue  and  profit 
plans  that  were  eventually  revealed  as  ftaudulent. 

Inexperience  is  another  culprit  Planning  teams 

need  enough  seasoned  participants  to  ensure  that 

schedules  are  realistic  and  that  ermstraints  and 
risks  are  taken  into  account. 

Deadline-induced  carelessness  can  also  play  a 
pr^  The  planning  team  at  the  Fortune  500  re¬ 
workdays  got  longer  and  the  dearUine  ajqjToached, 

decreased,  and  the  aggregate  prefect  plan  was  not 
sufficiently  cross-checked  for  inconsistencies. 

Even  aggressive  plans  can  succeed  if  they  are 
grounded  in  reality.  But  the  bolder  the  plan  is,  the 
less  room  there  is  for  error.  Undetected  planning 
flaws  lead  to  failure.  • 


34  COHrUTENWORLO  NOVEMBER  21.  2011 


MARKETPLACE 


35 


Career 

Watch 


A  New  Job  App 


^Tislhe 

Season# 


got  more  interesting  for  IT  professionals 
Dice  s  announcement  that  it  is  offering  free 
apps  through  Google  s  Android  Marketplace  and 
Apple  sAppStore. :  - 


M  H  ERE’S  A  SHOCKING  PIECE  OF  NEWS; 

Employees  aren’t  always  telling  the  truth 
when  they  tall  in  sick. 

tive  conducted  for  SoloGig,  34%  of  U.S.  IT 
workers  admitted  that  they  had  used  a  fake 
excuse  when  they  called  in  sick  during  the  past  year. 

SoloGig.  a  division  of  CareerBuilder  that  runs  an  employ¬ 
ment  site  for  consultants,  surveyed  more  than  170  IT  employ¬ 
ers  and  293  IT  workers  at  the  end  of  the  summer  on  the  topic 
of  absenteeism. 

dien  IT  Workers  employers  expect  more 

O  Missing  IT  absenteeism  as  the 

bile  employers  reported  year  winds  down,  with 

ightened  absenteeism  around  36%  reporting  that 


Career 

Watch 


A  New  Job  App 


.Tislhe 

SeasonJ 


H  mm  ERE’SASHOCniie  PIECE  OF  NEWS: 

Employees  aren’t  always  telling  the  truth 
wheh  they  call  in  sick. 

In  fact,  in  a  survey  that  Harris  Interac- 
H  H  tive  conducted  for  SoloGig.  34%  of  U.S.  IT 
Hi  H  workers  admitted  that  they  had  used  a  fake 
excuse  when  they  called  in  sick  during  the  past  year. 

SoloGig,  a  division  of  CareerBuilder  that  runs  an  employ¬ 
ment  site  for  consultants,  surveyed  more  than  170  IT  employ¬ 
ers  and  293  IT  workers  at  the  end  of  the  summer  on  the  topic 
of  absenteeism. 

One  finding  was  that 

WIMH  IT  WOltelS  employers  expect  more 

Go  IT  absenteeism  as  the 

While  employefs  reported  year  winds  down,  with 

heightened  absenteesm  around  36%  reporting  that 

the  holidays,  they  said  the  prime  workers  call  in  sick  more 
cftenduringthewinter 
quaner,  holidays.  But  that  isn’t 

JNNJ2 _ I  I - ttowSS 

managers  cited  as  the 

Mh  11%  peak  of  absenteeism 

(see 

The  survey  also  found 
^  I  that  sending  an  email  is 

Mf  now  as  likely  a  means  of 
Hai^— '  dmS  ’’calling  in' sick  as  using 

**  ployees  said  they  have 

texted  in  the  news  that 

they  won’t  be  at  work,  but  they’re  still  in  the  minority. 

SoloGig  also  asked  the  IT  managers  about  unusual  excuses 
they  had  heard  for  not  showing  up  at  work.  Some  of  the  ex¬ 
cuses  don’t  really  sound  all  that  odd  (depending  on  where  you 
live,  getting  bitten  by  a  deer  might  not  be  considered  unusual. 


11% 


’0MP[IT£f[iV9p 


C0MPiniR'NOR| 


Instantly  Search  Terabytes  of  liBxt 


Special  forensics  searcl 
Advanced  data  classifi< 


The  Marketplace  section  of 


MARKETPLACE 


•  Supports  MS  Office  through  2010  (Word,  Excel,  PowerPoint 
Access),  OpenOffice,  ZIP,  HTML,  XML/XSL,  PDF  and  more 

•  Supports  Exchange,  Outlook,  Thunderbird  and  other 
popular  email  types,  including  nested  and  ZIP  attachments 

•  Spider  supports  static  and  dynamic  web  data  like  ASP.NET, 
MS  SharePoint  CMS,  PHP,  etc. 

«  API  for  SQL-type  data.  Including  BLOB  data 
25+  full-text  and  fielded  data  search  options 

•  Federated  searching 


Ask  about 

fuHy-functional 

evahutionsl 


APIs  for  C++,  Java  and  .NET  through  4.x  nvie« 

•  Native  64-bit  and  32-bit  Win  /  Linux  APIs;  .NET  Spider  API  * 

•  Content  extraction  only  licenses  available _ J 

www.cltSearch.«oin  •  i-8004tfinds 


Make  the  Most  Out  of  Your  Advertising  Budget. 
Reach  Computerworld^s  Targeted  Audience. 

94%  of  those  surveyed  said  they  take  one  or  more  actions  as  a  result  of  seeing  an  advertisement, 
with  75%  visiting  an  advertiser’s  website.* 


Contact  Enku  Gubaie  for  mon 
508.766.5487 
egubaie@idgenterprise. 


IT|careers 


-OPINION 

JONNHALMIIKfl 


The  New  Metrics 
For  CIO  Success 


Modem  CIOs 
must  think 
more  Me 
CEOsabout 
business  needs 
and  future 
strata 


ClOatCareGroup 
Healthcare  System.  00 
and  associate  (jean  for 
educational  technology 
at  Harvard  Medical 
School,  chairman 
of  the  New  England 
Health  Electronic  Data 
Interchange  Network, 
chairman  of  the 
Healthcare  Information 
Technology  Standards 
Panel  and  a  practicing 
emergency  physician, 
you  can  contact  him  at 
jhalamkaacategroup. 
harvard.edu. 


WHEN  I  BEGAN  HY  CAREER  as  a  CIO  in  1997,  success  was  defined 
by  the  basics:  email  delivery,  network  connectivity  and 
plication  functionality.  I  personally  wrote  code,  experimented 
new  operating  systems  and  created  novel  analytics. 


In  2011,  CIO  success  is  much  more  complex. 

InliastTuctuie  success  can  be  defined  as  99.99% 
uptime  of  aU  systems  and  no  loss,  corruption  or 
breach  of  data.  This  is  very  bard  to  achieve,  and 
the  doud  sets  expectations  that  IT  infiastiucture 
should  be  like  heat,  power,  and  hght—  available 
when  needed,  in  the  amount  required. 

Application  success  can  be  defined  as  the  deliw 
ery,  on  time  and  on  budget,  of  “go  lives’ according 
to  project  i^ans.  Two  important  forces  make  this 
more  conqrlicated.  One  is  the  rise  consumer 
app  stores,  which  set  expectatioos  that  enterprise 
software  dwuld  be  easy  to  find,  procure  and  instaU. 
The  second  is  that,  as  the  economy  forces  downsiz¬ 
ing,  there’s  more  pressure  rm  the  IT  department 
to  quickly  deliver  applicatioiis  that  provide  better 


by  with  fewer  employees. 

This  all  sounds  impossible.  Deliver  massive 
infrastructure  in  an  envirortment  of  constant 
change,  but  keep  it  entirely  reliable  and  secure. 
Deliver  applications  that  support  business  process- 


resources  —  both  within  the  IT  department  and 
among  the  business  owners  of  those  processes. 


Morlem  CIOs  are  not  technrdogists  or  evan- 


managers,  strategic  corrununicators  and  project 
managers,  delicately  balancing  project  portfolios. 


Mrxlern  CIOs  have  little  time  to  get  infrastruc¬ 
ture  and  applications  right.  They  must  think  more 
like  CEOs  about  business  needs  and  future  strate¬ 


gies,  and  they  must  act  ttK»e  like  Wayne  Gretzky 
(who  skated  not  where  the  puck  was,  but  where  it 
was  going  to  be),  to  ensure  that  critical  infirrmation 
technology  is  d^oyed  by  the  time  it  is  needed. 

What  am  I  doing  in  fi^  20t2  to  become  a 
mote  effective  modem  CIO?  Three  things; 

1.  I’m  Meiitlfying  key  bushrew  crtstamefs  and 
meeting  with  each  one  to  make  sure  their  priorities 
are  reflected  in  the  current  IT  operating  plan  and 
the  five-year  IT  strategic  plan.  Working  with  the 
govemancecotnmittees,Iwilltrimthelistof[xi- 
ortties  to  just  those  projects  that  have  the  greatest 
impact  on  business  strategy,  quality  and  efficiency. 

2.  I’m  ftandanttzlH  CMmiMialioiis  so  key 
customers  tecdve  monthly  updates  about  their 
priority  projects. 


ects  across  the  Mttfpris*.  It  includes  standard¬ 
izing  the  IT  project  intake  process,  the  IT  project 
life  cycle  and  project  management  tools  (pn^ 
documentation,  project  plans  and  status  reports). 

I  hope  that  by  focusing  on  customer  rdatkm- 


man^ement,  I  will  create  a  posittve  working  en¬ 
vironment  ftrr  the  IT  staff,  with  a  manageable  set 
of  well-defined  projects  and  engaged  customers. 
Doing  a  few  prefects  swiftly  and  in  greater  depth 
to  meet  the  most  critical  needs  of  the  business 
is  much  harder  than  agreeing  to  do  many  niche 
prefects  and  moving  slowly  on  all  erf  them. 

CIOs  should  be  judged  on  their  ability  to  manage 
demand  and  achieve  reasonable  levels  of  customer 


40  CO.»«TE.WO.l.  NOVEUaE.  21. 


satisfaction  while  focusing  on  a  narrower  project 
portfolio  and  deltvering  it  at  a  filter  pace.  • 


Cenlui  yLink 

Business 


DB2on 
POWER: 
3x  faster. 
Check. 


